OPSWAT Deep CDR is an advanced threat prevention technology that does not rely on detection. Instead, it assumes all files are malicious and cleans and reconstructs each file to provide full usability with safe content.
OPSWAT’s technology has initiated technological change in the current market and has become a leading cybersecurity solution in CDR technology. Its depth of archive processing, accuracy in file reconstruction, and extensive support for valid file types (currently over 90 different file types) set it apart from other solutions.
The technology is highly effective in preventing known and unknown threats, including zero-day targeted attacks, completely undetectable malware, VMware detection, evasion, and others.
How Does Deep CDR Work?
File Identification and Scanning
Files are evaluated and verified as they enter the disinfection system from among over 4,500 file types to ensure file type and consistency. Each file is scanned to identify all mixed active content in the file, such as macros, bridges, and OLE objects. File extensions are examined to prevent seemingly complex files from appearing as simpler ones, flagged for malicious content, and alert organizations during an attack. Our solution supports disinfection for over 90 common file types, including PDFs, Microsoft Office files, HTML, and many image files. JTD and HWP files are also supported.
Sanitization of Files
Files are quickly and securely reconstructed. File elements are separated into discrete components, malicious elements are removed, and metadata and all file attributes are reconstructed. New files are recompiled, renamed, and delivered, allowing users to safely use files without loss of usability.
Use Files
The newly reconstructed files are now usable. Even complex files remain usable; for example, animations embedded in PowerPoint files remain intact after Deep CDR. Finally, original files are quarantined for backup and further review. Our advanced Deep CDR engine protects against the most sophisticated threats while providing fully usable files with safe content, preserving user productivity and protecting against advanced threats.
“As malware evasion techniques evolve, the use of CDR at the email gateway as an adjunct or alternative to sandboxing will increase.”
GARTNER
Why Do You Need Deep CDR?
Traditional Defenses Are Becoming Less Effective
Malware is becoming increasingly sophisticated and often exploits both known and unknown software vulnerabilities:
- Malware is becoming more sophisticated and often exploits both known and unknown software vulnerabilities.
- Malware is now being created “sandbox-aware” and increasingly evading traditional detection methods.
- The number of file types is increasing every day, and new potential vulnerabilities are emerging for malicious actors to exploit.
- Files are becoming more complex, providing cybercriminals with more opportunities to embed malicious scripts and exploits.
Anti-Malware and Sandbox Solutions Rely on Detection
While anti-malware applications and sandboxes can detect and block most threats, no solution can capture 100% of threats. The problem with traditional anti-malware and sandbox technologies is that they rely on detection. While effective in many cases, cybercriminals continuously develop new defenses to evade traditional defenses. Complicating matters further, many of the file types posing the highest threat risk (such as Microsoft Office and PDF files) are essential for productivity. How can organizations protect themselves against these threats without impacting productivity?
Deep CDR Prevents Threats Without Relying on Detection
Instead of relying on detection, Deep CDR leaves no room for threat detection errors and prevents many file-based threats, including known, unknown, complex, and sandbox-aware threats without the need to detect all file-based threats effectively ‘disarming’ them.
OPSWAT’s Deep Content Disarm and Reconstruction Prevents Threats Without Loss of Efficiency
Our Deep CDR technology does not compromise productivity features of productivity files such as PowerPoint animations and Excel macros; thus, users can continue to use important files without the risk of virus infection. Most users will be unaware of the occurrence of Deep CDR.